Building a Hybrid Bridge to the Microsoft Cloud

When Satya Nadella announced Microsoft’s new Mobile-First, Cloud-First strategy, he drew a line in the sand with Microsoft employees and set the company on a new course. When Microsoft COO Kevin Turner reiterated the message at the World Wide Partner Conference in July, he sent partners scrambling to get cloud certified, saying “Selling on-premises software was good for you and us for a long time but the future lies in the cloud and mobility, and Microsoft plans to go in that direction with our partner community intact.”

Customers have felt the shift too, as they ponder which solutions can be cloud based and how to integrate them without significant effort and cost. Some organizations look at Office 365 and feel insecure about moving to a multi-tenant environment. Many organizations have significant investments in on-premises applications and infrastructure, so moving to the cloud will not be an easy process.

These critical business systems have kept the wheels of commerce running for some time and have been built up with many layers of complexity and integration. Strict compliance regulations prevent many companies from exposing data in a cloud environment. With these constraints and issues in mind Microsoft has created a number of hybrid options that allow companies to selectively migrate enterprise solutions or build new applications that use cloud services while maintaining an on-prem infrastructure.

Let’s look at the options.

What Hybrid Means

The concept of a hybrid solution is based on integrating on-prem application infrastructure with cloud based services and capabilities.

You have three options for deploying and managing enterprise solutions:

  1. You can stay on-prem with all of your infrastructure behind your corporate firewall
  2. You can have a mix of on-prem and cloud services with a secure connection between your back office systems and cloud solutions
  3. You can have all of your enterprise systems in the cloud

Companies can selectively choose which applications and services they want to migrate and which need to stay behind the firewall. For some organizations the advent of the cloud means they can expose information to third party companies without exposing any of their on-prem systems to external users.

Some organizations are looking at using the cloud as the presentation layer for internal business related data with secure access to data sources behind the firewall. This trend allows companies to stay compliant with industry regulations (secure, on-prem data) and still expose critical business data to employees or partners globally through a browser.

Build the Bridge to the Cloud

Microsoft has been building a comprehensive cloud strategy that spans the various types of cloud platforms. Amit Kumawat wrote a great article last year on the Microsoft Cloud Service Models and how they fit together so I won’t go into a great deal of detail on the various options.

Azure based Websites and Applications -- Platform as a Service (PaaS)

The Azure platform has been available for several years. We can see a growing trend in developing web based applications that are deployed to Azure Web Sites using secure connections to back-end systems. Azure’s PaaS is well documented and has extensive integration capabilities for organizations that want to build custom Web Applications that scale across the globe.

Dynamics and Office 365 -- Software as a Service (SaaS)

Enterprise application platforms like Exchange, Dynamics CRM and SharePoint have been deployed in the cloud for several years. After several iterations, these systems now offer a robust portfolio of capabilities for organizations to work with. Office 365 has been in the forefront of conversations lately as Microsoft integrates Exchange, Lync, SharePoint, Yammer and Office into an integrated SaaS solution.

Windows and SQL Server -- Infrastructure as a Service (IaaS)

Microsoft Windows Server and SQL Server Database Server environments are available from an infrastructure perspective for organizations that want to build custom applications with the same server functionality as on-prem solutions. This is a well-developed and stable environment to which organizations can offload custom solutions, removing the need to host and manage these servers in the corporate data center. This environment is similar to the infrastructure service that Amazon Web Services provides.

Power BI

Microsoft released the Microsoft Power BI solution in February of this year. It provides a comprehensive BI capability previously missing from the Microsoft Cloud portfolio through a cloud based dashboarding environment that integrates Microsoft Excel with Office 365. Users can create Power BI solutions with Microsoft Excel visualizations that can be published to Office 365 environments for sharing and collaboration. Power BI dashboards can be published on-prem as well using SQL Server 2012/14. The on-prem solution provides a dashboard gallery that can be surfaced in SharePoint 2013, bringing self-service BI capabilities to the SharePoint 2013 platform.

What is fascinating about Power BI is the Gateway Server Microsoft provides. It can be deployed behind firewalls to allow organizations to securely connect to on-prem data sources that serve data to the cloud based Power BI solution. This provides an entirely new dimension to accessing on-prem data and exposing it to the cloud.

The diagram below is a great example of the Gateway Server concept and shows how the Power BI Gateway Server works:


Microsoft Hybrid Solution Trends

You can spot trends based on some of the specific products that Microsoft is pushing out, and extrapolate direction based on seeing these trends expand into other product lines.

The Gateway Server Concept

The Power BI Gateway Server concept provides some interesting clues about where Microsoft is going with hybrid options for customers. The lines between on-prem data stores and cloud based systems will become blurred as time goes forward with this type of platform.

Having a Secure Store (stores usernames and passwords for accessing on-prem data) is a key component to the Gateway concept. Microsoft has taken the Secure Store component out of the SharePoint platform and extended it for other uses. The Power BI Data Management Gateway is a service that you enable on a client machine behind the firewall to connect to internal data sources using OAuth. Expect more solutions to use this type of connector that can secure data between your corporate data center and Microsoft’s cloud platform.

Decoupling Services from SharePoint

Microsoft has started decoupling services from SharePoint 2013 that will likely move towards Gateway Server concepts as we move forward. Workflow is a good example of this trend. Microsoft changed the entire workflow architecture for SharePoint 2013 and introduced a stand-alone Workflow Manager Server (see what I’m talking about?) that can be connected to the BizTalk Business Process Management (BPM) solution that is included in Azure. This provides advanced workflow processes that can be connected with Azure from behind the firewall.

With the release of SharePoint 2013, Microsoft also decoupled the Office Web Apps Service into its own Office Web Apps Server that is installed separately from the default SharePoint install. This allows organizations to edit Office documents in a web browser within the on-prem SharePoint environment. These trends are the initial steps in breaking up the leviathan platform that SharePoint Server has become over the years. Look for other services to be decoupled as we move towards SharePoint 2015.

SharePoint 2013 in a Private Cloud

At the World Partner Conference this year, Microsoft introduced the ability to build and manage virtual machines through the Azure Preview Portal. This capability allows Azure customers to deploy multiple virtual machines at once. SharePoint in Azure and in a Private Cloud is not new; however, the ease with which you can stand these environments up and manage them has been greatly enhanced.

Azure subscribers can now create entire SharePoint 2013 Server Farms in a private cloud environment that includes a multi-virtual machine gallery (similar to the Amazon AWS Service) where customers can deploy SharePoint Server Farms consisting of three or nine virtual servers. This allows organizations to create on-demand SharePoint 2013 platforms for Development, Testing or Production environments instead of using SharePoint on-prem, or SharePoint Online in Office 365.

The nine server farm template includes:

  • Active-Directory enabled primary and backup Domain Controllers
  • Three SQL Server AlwaysOn servers
  • Four servers for SharePoint consisting of two servers for web load balancing and two servers for load balanced apps

The diagram below is an example of the Azure SharePoint Configuration Portal:


Machine Learning and Delve

Last month I introduced you to Delve (formerly Oslo) and the concept of using Office Graph for machine learning across the Office 365 platform. Microsoft will continue to enhance this capability. It's rumored that it will release a (you guessed it) Gateway Server to connect Delve to on-prem data sources (using OAuth and the Secure Store) that the Office Graph engine will consume and report on.

Microsoft also added Machine Learning to the Azure platform, which enables developers and data scientists to add predictive analytics to their cloud based applications. This will be a huge growth area for Microsoft as it continues to incorporate Big Data concepts into the enterprise. In fact, Microsoft is so committed to machine learning that it is deploying at least one Data Scientist to each business unit in the company.

What Does the Future Hold?

The future is getting clearer as Microsoft continues to build out solutions that allow organizations to decide how to deploy and how far to go into the cloud. Customers can decide which business functions should be kept on-prem and which can be moved to the cloud to build a variety of solutions that fit any architecture and need. The options Microsoft has created make the cloud less scary and certainly more flexible as organizations continue to ponder their next move. 
